lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: disclosure at exotope.com (disclosure@...tope.com)
Subject: Automat?  Was (Re: new virus: )

Following up my own post:
--------------------------------------------------------------
There is no virus known to us by this name. However, Norton Anti-Virus
uses names like W97M.Automat.  to name viruses which have been detected
automatically.

VARIANT: Automat.K
--------------------------------------------------------------

So it looks new.

                       ...Eric



On Fri, 19 Sep 2003 disclosure@...tope.com wrote:

> Check out Usenet or Google groups, lots of autospam postings about this to
> news.admin.net-abuse.sightings.
>
> One says:
>
>   hqbkyk.exe was infected with the malicious virus Worm.Automat.AHB and
>   has been deleted because the file cannot be cleaned.
>
>               ...Eric
>
>
> On Fri, 19 Sep 2003, Ron Clark wrote:
>
> >
> >
> > ---------- Forwarded message ----------
> > Date: Fri, 19 Sep 2003 18:22:00 +0300
> > From: Eero Volotinen <security@...g.org>
> > To: Ron Clark <ron@...mail.Armstrong.EDU>
> > Subject: Re: [Full-Disclosure] new virus:
> >
> > Yes, it's swan virus.
> >
> > --
> > Eero
> >
> > If you meant swen, this doesn't look like swen. Nothing mentioning
> > micro$oft
> >
> > The test of the email is :
> > >
> > >Hi.
> > >I'm sorry to have to inform you that I wasn't able to deliver your
> > >message to the following addresses:
> > >
> > >
> > >
> > >Undelivered message to rlfblncx@...foot.net
> >
> >
> >  with an audio attachment
> >
> > ----- Original Message -----
> > From: "Ron Clark" <ron@...mail.Armstrong.EDU>
> > To: <full-disclosure@...sys.com>
> > Sent: Friday, September 19, 2003 5:38 PM
> > Subject: [Full-Disclosure] new virus:
> >
> >
> > >
> > > Has anyone seen an email going around with subject bug message
> > > containing a supposed audio attachment that is really an exe named
> > > ckcwr.exe.
> > >
> > > Is this a possible new virus? I have recieved numerous cpoies of this
> > > email since last night.
> > >
> > > Ron Clark
> > > System Administrator
> > > Armstrong Atlantic State University
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.netsys.com/full-disclosure-charter.html
> > >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ